Target Hardening
December 2, 2025
Here’s an exercise that tends to make people uncomfortable: Google yourself.
Not a quick vanity search. Actually try to find out as much as you can about yourself using only publicly available information. Pretend you’re a stranger trying to learn about you. See what comes up.
Most people have never done this. And most people are surprised by what they find.
Your digital footprint isn’t just what you post on social media. It’s the accumulation of every database you’ve ever ended up in, every account you’ve created, every time your information was collected and stored somewhere.
Some of this you created. Most of it you didn’t.
Social media is the obvious starting point. Even with privacy settings, your profile photo, your name, maybe your employer and city are often visible. Your friends list might be public. Your comments on public posts are searchable. Photos you’re tagged in by friends with looser privacy settings show up even if yours are locked down.
LinkedIn is particularly revealing if you use it. Your full work history, your education, your skills, your connections, sometimes your email address. People treat LinkedIn as “professional” and forget it’s still public information about their life.
Google results pull from everywhere. Old forum posts. Comments on news articles. Race results if you’ve run a 5K. Donations to political campaigns over $200 (federally required to be public). Your name in a wedding announcement from 2012.
But social media is just the surface.
Here’s where it gets interesting. A huge amount of your personal information lives in government databases that are open to the public. Not through any hack or trick - they’re designed to be accessible.
Property records are maintained by your county assessor or recorder’s office. If you own a home, anyone can look up your full legal name, your address, what you paid for the house, the square footage, the lot size, and often a photo of the property. In some counties, you can see the history of ownership, any liens, and the assessed tax value. This is all searchable online in most jurisdictions.
Voter registration records are public in most states. Depending on the state, this can include your name, address, date of birth, party affiliation, and voting history (not who you voted for, but whether you voted in each election). Some states restrict access, but many make this easily searchable.
Court records are largely public. If you’ve been involved in a lawsuit, a divorce, a bankruptcy, or a criminal case, there’s likely a record of it. Federal cases are searchable through PACER. State and local courts vary, but many have online portals.
Business filings are public if you’ve registered an LLC, corporation, or done business under a fictitious name. Your name, your registered agent address (often your home if you didn’t use a service), and the nature of your business are all on file.
Professional licenses are typically searchable. Doctors, lawyers, real estate agents, contractors, nurses - if your profession requires a license, there’s probably a public database confirming your status, and often listing your address of record.
Even things like hunting and fishing licenses, boat registrations, and concealed carry permits are public records in some states.
None of this is hidden. It’s not leaked. It’s not hacked. It’s just public, and most people have never thought to look.
This is where the information gets aggregated and sold back to you.
Sites like Spokeo, WhitePages, BeenVerified, Intelius, and dozens of others scrape public records, social media, and data broker databases. They compile everything into neat profiles and charge people to access them - or show you just enough for free to make you concerned.
A typical profile might include your name, age, current and past addresses, phone numbers, email addresses, relatives’ names, associates, property records, and sometimes income estimates and political affiliations.
Where do they get this? Public records. Data brokers who buy information from apps and services you’ve used. Marketing databases. The “free” rewards programs and surveys you’ve signed up for over the years.
The information isn’t always accurate - these sites are notorious for mixing up people with similar names or showing outdated data. But they’re accurate often enough to be useful for someone trying to learn about you.
The images you share reveal more than you think.
Metadata embedded in photos can include the exact GPS coordinates where the picture was taken, the date and time, and what device you used. Most social media platforms strip this data when you upload, but not all services do. If you email a photo directly or post it somewhere that doesn’t strip metadata, you might be sharing your location without realizing it.
Background details matter too. The view from your window. The street signs in your jogging selfie. Your kid’s school name on their t-shirt. The mail on your counter. People reveal their location, their routines, their habits, and their lives in ways they don’t consciously intend.
Patterns emerge over time. Regular posts from the same coffee shop. Gym check-ins. Vacation photos that show you’re not home. Your digital footprint isn’t just individual data points - it’s the pattern they create together.
Any single piece of information might seem harmless. Your name is public. Your employer is on LinkedIn. Your address is in property records. Your phone number is in a data broker database.
But combined, these pieces paint a detailed picture.
Someone who wants to impersonate you for social engineering now knows where you work, where you live, your phone number, your email, your relatives’ names, and probably your daily routine. A phishing email that references your actual employer, your actual neighborhood, your actual family members is far more convincing than a generic one.
This isn’t theoretical. This is how targeted scams work. This is how people get stalked. This is how criminals choose their marks.
Before you can reduce your exposure, you need to know what’s out there.
Start with Google. Search your full name in quotes. Try variations - maiden name, middle name, nicknames. Add your city. Add your employer. See what comes up.
Check the people search sites. Search yourself on Spokeo, WhitePages, BeenVerified. You don’t need to pay - the free previews show you enough to know what they have.
Look up your property records. Search “[your county] property records” or “assessor” and find yourself. See what’s public.
Search your email addresses and usernames. Old accounts you’ve forgotten about might still be out there.
Reverse image search your profile photos. See where else your face appears online.
This isn’t about paranoia. It’s about awareness. You can’t make informed decisions about your privacy if you don’t know what’s already exposed.
Awareness is the first step. In future posts, we’ll cover specific actions: how to opt out of people search sites, how to tighten your social media privacy settings, how to think about what you share going forward.
For now, just look. See yourself the way a stranger would. Most people find it illuminating.
Next in the Target Hardening series: “Settings That Actually Matter” — the defaults that are working against you and which ones are worth changing.